Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Fedora 23: 2016-21f0de504c Moderate Update for libXi Crash Bug Fix

fedora
Calendar Grey November 10, 2016
Dist Fedora Esm H88
An important libXi enhancement for Fedora 23 tackles vulnerabilities, such as system failures and improper data management.
libXi 1.7.8 ---- Fix crash when calling XListInputDevices on devices without classes ---- Security fix for CVE-2016-7945, CVE-2016-7946

Summary

X.Org X11 libXi runtime library

Update Information:

libXi 1.7.8 ---- Fix crash when calling XListInputDevices on devices without classes ---- Security fix for CVE-2016-7945, CVE-2016-7946

Change Log

References


[ 1 ] Bug #1381868 - CVE-2016-7945 libXi: Insufficient validation of server responses result in Integer overflows https://bugzilla.redhat.com/show_bug.cgi?id=1381868 [ 2 ] Bug #1381869 - CVE-2016-7946 libXi: Insufficient validation of server responses result in various data mishandlings https://bugzilla.redhat.com/show_bug.cgi?id=1381869

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade libXi' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
important
Lowest
Low
Medium
High
Critical

Name: libXi
Product: Fedora 23
Version: 1.7.8
Release: 2.fc23
Summary: X.Org X11 libXi runtime library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.